[SOLVED] Find the sockets being used by a process (as a non-root user)
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Find the sockets being used by a process (as a non-root user)
I have to find the sockets being used by any running process on the system. I can't install external libraries or apps in order to get that information.
I tried with netstat -a -p, fuser lsof -i and ss -p, and all of them work fine... but only if I run them as root, and I should be logged in as a non-root user. In that case, I get the sockets, but not them owner processes. Also, if I use netstat to get the local port of every socket, and then I do fuser -n tcp [lcl_port], I don't get any information (of course, unless I am root).
I tried running those commands as a non-root user in privileged mode: bash -c - p netstat -a -p, bash -c -p fuser -n tcp [lcl_port], bash -c -p lsof -i and bash -c -p ss -p. But I get similar results.
I also tried accessing the /proc/net directory, doing something like cat /proc/[PID]/net/tcp, but it seems to return exactly the same info for any PID, so it isn't really useful for me.
By the way, if I am not logged in as root, I can't redirect the output of lsof -i to the input of grep command. By example, if I type something like lsof -i | grep firefox, I get this message:
Quote:
can't stat() fuse.gvfs-fuse-daemon file system /root/.gvfs
Output information may be incomplete.
How can I find the sockets being currently used by running processes as a non-root user?
If not run as root, you will only see the names of PID you own. The root user is super user. It can see other user information. You can use "sudo" prefix to upgrade current user to root.
Thanks to everyone, but I still can't solve the problem.
I have to get the information through a Bash script that should be executed by a non-root user. The script verifies if there are any open TCP/UDP sockets owned by current user's processes; if this is true, it kills those processes.
So, I only need to find the current user's sockets and their associated processes. It's supposed that I could easily get that information just by doing lsof -i logged in as a "normal" user. So, in order to try the command, I open a socket through establishing a connection from another PC, doing this:
Quote:
ssh nachete@192.168.x.x 'while true; do sleep 2; echo $RANDOM; done'
Then, from my main PC, logged in as root, I check the current sockets for nachete:
I think I solved my problem. The error was in the way I was testing my script. Apparently, when you establish a connection through SSH, the client host creates a socket as owned by the current user, but the server creates a socket as owned by root. I was running the ssh command from a host and trying to find the sockets from the other one (using netstat, lsof -i, etc.). That's why I couldn't find any socket unless I was root.
Finally, I ran lsof -i on the same host I had established the connection from, logged in as a non-root user, and it found a socket associated to the ssh process, owned by that user.
Thanks again and sorry for my english.
Maybe your wording threw us off (after all you went from "find the sockets being used by any running process (..) logged in as a non-root user" to "sockets owned by current user's processes") but it's good to see you found what you need.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.